
PyScan - HT's Scanner

Hey Hey,

I'm writing a scanner as a backend to a PHP web app. The purpose of it is to scan for common ports that virii and trojans open, to try and eliminate such infections from PCs in the College Residence. I called it PyScan because that seemed simple enough and it seems there are already several pieces of software with that name. I was going to change it but then said, "To hell with it", basically because I can't think of a name. If anyone can think of a name and wants to post it here, or PM me, I'll consider them and work on changing it and throw out an acknowledgement in the files. When it's complete I plan on publishing it and creating a website dedicated to it and future versions. However, for now it is a single Python file. Some of you may have to remove the #! line or modify it. I did that for simplicity so that you can simply type ./pyscan.py; however, if you prefer to type python <script> that should work also.

From the documentation in the file:

PyScan 0.1b by Tyler Reguly [tyler.reguly@sympatico.ca]

Description: Developed for use in College Technical Support Centre for Scanning Ports which
Trojans and Virii are known to open. Only some of the features are currently implemented
and it is buggy as all hell. However it will scan a single IP address checking the ports listed
in portlist.txt

Development Plans: The usage of this file gives away some of the upcoming plans. Which will include
HTML output (The plan of this is to use it as the back-end for a scanning website),
Class C Network Scanning and command-line port listing. There are also plans to
add threading so that several ports/hosts can be scanned at one time, however
this is still several versions down the road.

Comments: So far about 3 hours have gone into the development of this program. Comments, bug
reports, suggestions, complaints and flames are welcome at the above email address.

If you are so inclined to check it out, pyscan.py -h will display the usage menu and a list of commands, implemented or otherwise. A basic scan is performed through ./pyscan.py -i <ip address>.

Peace,
HT

IT Blog: .:Computer Defense:.
PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Well you could call it TRsP 0.1b (more to Jack's taste) or TRsPscan 0.1b or of course HTsScan 0.1b. You could also use an acronium (sorry spelling) using PCs in the College Residence so it would be PCsCR or even PCPscanCR or PyScanPCCR. Another idea would be GYAscan, for GotYourA$$scan.
There you have a few scatter brained ideas from the master of scatter.

"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!"
Author Unknown

I've done some work; here's the next version. It's still a single file, however I believe I will attempt to create modules at some point just to clean it up a bit. I've also included the portlist.txt that I've been using for testing purposes; you can create your own, but I thought it might save you some time. Again, feedback is always appreciated. Tonight's goal is to add Class C Scanning support and possibly get threading going.

To give you a rundown of the improvements/additions from the last version.
- Added UDP Scan (Doesn't seem to function properly on our network, this is what I'm really looking for feedback on... I get all ports open)
- Added HTML output (Fully functional as far as the program is supporting at this point. Generates a simple table with the ports and their status. Eventually it will only list open ports in the table)
- Removed error that occurs when you enter -t (timeout) without an integer value.

Anyways feedback is always appreciated. I'm still looking for more names, so far it's going to either stay as PyScan or become TRsPscan. Once the back-end is fully functional, I will start in on a PHP front-end.

Linux users can tar -zxvf and Windows users should be able to open it with WinRar.

Peace,
HT

IT Blog: .:Computer Defense:.
PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
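
An added example, not part of the original post and not PyScan's code: one common reason a UDP scan reports every port open is that a TCP-style connect check on a datagram socket sends nothing and always succeeds, so closed ports have to be detected from the ICMP port-unreachable error instead. The function names and the loopback test sockets below are constructed for illustration.

```python
import socket
import threading

LOOPBACK = "127.0.0.1"  # constructed test target; nothing leaves this machine

def udp_connect_ex(host, port):
    """TCP-style check on UDP: only records the peer address, sends nothing."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.connect_ex((host, port))  # 0 for any port, listening or not

def probe_udp(host, port, timeout=1.0, payload=b"\x00"):
    """Send one datagram and classify the port by what comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connected socket: ICMP errors reach recv()
        try:
            s.send(payload)
            s.recv(1024)
            return "open"  # a service answered
        except (ConnectionRefusedError, ConnectionResetError):
            return "closed"  # ICMP port unreachable came back
        except socket.timeout:
            return "open|filtered"  # silence: quiet service or dropped packet

def _echo_once(sock):
    data, peer = sock.recvfrom(1024)
    sock.sendto(data, peer)

def _bound_socket():
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind((LOOPBACK, 0))  # port 0: let the OS pick a free port
    return s

def demo():
    """Probe three constructed targets: echo service, silent listener, unused port."""
    echo, silent, spare = _bound_socket(), _bound_socket(), _bound_socket()
    threading.Thread(target=_echo_once, args=(echo,), daemon=True).start()
    closed_port = spare.getsockname()[1]
    spare.close()  # nothing listens on closed_port from here on
    results = {
        "connect_ex_closed": udp_connect_ex(LOOPBACK, closed_port),
        "echo": probe_udp(LOOPBACK, echo.getsockname()[1]),
        "silent": probe_udp(LOOPBACK, silent.getsockname()[1], timeout=0.5),
        "closed": probe_udp(LOOPBACK, closed_port),
    }
    for s in (echo, silent): s.close()
    return results

if __name__ == "__main__":
    print(demo())
```

Hosts rate-limit ICMP unreachable replies and firewalls often drop them, so on a real network a timeout means "open or filtered", and probing many ports quickly will under-report closed ones.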

I get the following error when running it under Windows using the latest version of Python:

Code:

File "pyscan.py", line 95
'''
^
SyntaxError: invalid syntax

I haven't changed the file at all from the latest release, except I changed the shebang line to:

Code:

#!C:/python/python.exe

which is where Python is located on my machine (same way as I would for Perl scripts) - and it is also in my PATH environment variable so I can execute python [filename] from anywhere in the directory tree.

Any idea what might be causing this? I'd give it a try on Linux only Gentoo/Xfree doesn't like me at the moment.

pwaring, I don't know anything about python script but try this:
- go to line 92
- delete the letter b (right after the colon)
- move these ''' characters to the next line

(I think the ''' marks a comment until it finds another ''')

HT, I was wondering tho why the script didn't tell me the options that I need to enter (I run it using Cygwin's python).
$ python pyscan.py
Traceback (most recent call last):
  File "pyscan.py", line 209, in ?
    main(sys.argv[1:])
  File "pyscan.py", line 171, in main
    tcpipscan()
  File "pyscan.py", line 54, in tcpipscan
    if not scansocket.connect_ex((ipaddress,port)) :
NameError: global name 'ipaddress' is not defined

I see there is already a usage() function that is supposed to be called by main() (I think, again, I don't know anything about python) when no options are entered. Anyway, after reading the usage IN the script, I found that I need to enter at least -i <IP Address>.
$ python pyscan.py -i testbox
Port 22 is open.
Port 23 is closed.
Port 25 is closed.
Port 110 is closed.
Port 111 is closed.
Port 6000 is closed.
Port 80 is closed.
Port 135 is open.
Port 139 is open.
Port 5900 is closed.
Port 5800 is closed.
Port 21 is closed.

Always listen to experts. They'll tell you what can't be done and why. Then go and do it. -- Robert Heinlein
I'm basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds